Skip to content

Commit

Permalink
Merge pull request #668 from bmeeks8/pfSense-pkg-suricata-4.1.4_8
Browse files Browse the repository at this point in the history
  • Loading branch information
@rbgarga
rbgarga committed Aug 24, 2019
2 parents 6b97b32 + 46367ee commit 74059cd
Show file tree
Hide file tree
Showing 5 changed files with 12 additions and 19 deletions.
2 changes: 1 addition & 1 deletion security/pfSense-pkg-suricata/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

PORTNAME= pfSense-pkg-suricata
PORTVERSION= 4.1.4
PORTREVISION= 7
PORTREVISION= 8
CATEGORIES= security
MASTER_SITES= # empty
DISTFILES= # empty
Expand Down
4 changes: 1 addition & 3 deletions security/pfSense-pkg-suricata/files/arm/usr/local/pkg/suricata/suricata_migrate_config.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,6 @@
if (empty($config['installedpackages']['suricata']['rule']))
return;

$rule = &$config['installedpackages']['suricata']['rule'];

/****************************************************************************/
/* Loop through all the <rule> elements in the Suricata configuration and */
/* migrate relevant parameters to the new format. */
Expand Down Expand Up @@ -229,7 +227,7 @@
}

// Now process the interface-specific settings
foreach ($rule as &$r) {
foreach ($config['installedpackages']['suricata']['rule'] as &$r) {

// Initialize arrays for supported preprocessors if necessary
if (!is_array($r['libhtp_policy']))
Expand Down
10 changes: 4 additions & 6 deletions security/pfSense-pkg-suricata/files/arm/usr/local/pkg/suricata/suricata_post_install.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,8 +160,7 @@
$builtin_rules = array( "app-layer-events.rules", "decoder-events.rules", "dnp3-events.rules", "dns-events.rules", "files.rules", "http-events.rules",
"modbus-events.rules", "smtp-events.rules", "stream-events.rules", "tls-events.rules" );
$rust_required_rules = array( "ipsec-events.rules", "kerberos-events.rules", "nfs-events.rules", "ntp-events.rules", "smb-events.rules" );
$suriconf = &$config['installedpackages']['suricata']['rule'];
foreach ($suriconf as &$suricatacfg) {
foreach ($config['installedpackages']['suricata']['rule']as &$suricatacfg) {
$rulesets = explode("||", $suricatacfg['rulesets']);
foreach ($builtin_rules as $name) {
if (in_array($name, $rulesets)) {
Expand All @@ -184,7 +183,8 @@
// and write result back to interface config location.
$suricatacfg['rulesets'] = implode("||", array_keys(array_flip($rulesets)));
}
unset($builtin_rules, $rulesets, $rust_required_rules);
// Release our config array reference and other memory
unset($suricatacfg, $builtin_rules, $rulesets, $rust_required_rules);
}
/****************************************************************/
/* End of built-in events rules fix. */
Expand Down Expand Up @@ -217,9 +217,7 @@
}

// Create the suricata.yaml files for each enabled interface
$suriconf = $config['installedpackages']['suricata']['rule'];

foreach ($suriconf as $suricatacfg) {
foreach ($config['installedpackages']['suricata']['rule'] as $suricatacfg) {
$if_real = get_real_interface($suricatacfg['interface']);
$suricata_uuid = $suricatacfg['uuid'];
$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}";
Expand Down
4 changes: 1 addition & 3 deletions security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata_migrate_config.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,6 @@
if (empty($config['installedpackages']['suricata']['rule']))
return;

$rule = &$config['installedpackages']['suricata']['rule'];

/****************************************************************************/
/* Loop through all the <rule> elements in the Suricata configuration and */
/* migrate relevant parameters to the new format. */
Expand Down Expand Up @@ -220,7 +218,7 @@
}

// Now process the interface-specific settings
foreach ($rule as &$r) {
foreach ($config['installedpackages']['suricata']['rule'] as &$r) {

// Initialize arrays for supported preprocessors if necessary
if (!is_array($r['libhtp_policy']))
Expand Down
11 changes: 5 additions & 6 deletions security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata_post_install.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,8 +159,7 @@
$builtin_rules = array( "app-layer-events.rules", "decoder-events.rules", "dnp3-events.rules", "dns-events.rules", "files.rules", "http-events.rules", "ipsec-events.rules", "kerberos-events.rules",
"modbus-events.rules", "nfs-events.rules", "ntp-events.rules", "smb-events.rules", "smtp-events.rules", "stream-events.rules", "tls-events.rules" );

$suriconf = &$config['installedpackages']['suricata']['rule'];
foreach ($suriconf as &$suricatacfg) {
foreach ($config['installedpackages']['suricata']['rule'] as &$suricatacfg) {
$rulesets = explode("||", $suricatacfg['rulesets']);
foreach ($builtin_rules as $name) {
if (in_array($name, $rulesets)) {
Expand All @@ -173,7 +172,9 @@
// Remove any duplicate ruleset names from earlier bug
$suricatacfg['rulesets'] = implode("||", array_keys(array_flip($rulesets)));
}
unset($builtin_rules, $rulesets);

// Release our config array iterator and other memory
unset($suricatacfg, $builtin_rules, $rulesets);
}
/****************************************************************/
/* End of built-in events rules fix. */
Expand Down Expand Up @@ -206,9 +207,7 @@
}

// Create the suricata.yaml files for each enabled interface
$suriconf = $config['installedpackages']['suricata']['rule'];

foreach ($suriconf as $suricatacfg) {
foreach ($config['installedpackages']['suricata']['rule'] as $suricatacfg) {
$if_real = get_real_interface($suricatacfg['interface']);
$suricata_uuid = $suricatacfg['uuid'];
$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}";
Expand Down

0 comments on commit 74059cd

Please sign in to comment.